Are there any free/public web service APIs (SOAP/REST) which supports mutual authentication? The purpose is to call this API using mutual authentication for learning purpose.
Asked
Active
Viewed 576 times
1 Answers
3
updated answer
There is a website available https://badssl.com/ which has an option for client side certificate under the client certificate section. You can download the actual required certificates for setting up an request with key and trust material for mutual tls.
You can execute a basic curl request with mutual authentication to badssl with the following command:
curl -v --cert badssl.com-client.pem:badssl.com https://client.badssl.com/
Old answer below
I created an example project for mutual authentication with certificates for learning purposes. https://github.com/Hakky54/mutual-tls-ssl
It provides how-to steps to enable encryption with SSL/TLS for three scenarios and how to connect to it:
- one way authentication -> server communicates over https and identifies itself with a certificate
- two way/mutual authentication -> both server and client needs to identify itself
- two way/mutual authentication based on trusting the certificate authority -> same as above one but trusting the root-ca is enough to get the same result
Here you can setup a server which communicates over HTTPS. And it also requires the certificate of the client and it that way it will do mutual authentication. If you use the provided script then it will prepare a server with the above mentioned specs.
Hakan54
- 3,121
- 1
- 23
- 37
-
First of all, thank you so much for showing interest in this post and sparing time for such a great assistance. This is way more than what I expected. I will certainly go through given link and will try to play around with this :-) – user1934643 Dec 06 '19 at 16:20
-
Hi @user1934643 I found a website where you can play around with mutual authentication. See my initial post, hope it is still helpful for you – Hakan54 May 05 '20 at 07:26